UBM: TECH DIGITAL RESOURCE LIBRARY

Veracode

Veracode's the only independent provider of cloud-based application intelligence and security verification services. The Veracode platform provides the fastest, most comprehensive solution to improve the security of internally developed, purchased or outsourced software applications and third-party components. By combining patented static, dynamic and manual testing, extensive eLearning capabilities, and advanced application analytics, Veracode enables scalable, policy-driven application risk management programs that help identify and eradicate numerous vulnerabilities by leveraging best-in-class technologies from vulnerability scanning to penetration testing and static code analysis. Veracode delivers unbiased proof of application security to stakeholders across the software supply chain while supporting independent audit and compliance requirements for all applications no matter how they are deployed, via the web, mobile or in the cloud. Veracode works with customers in more than 80 countries worldwide representing Global 2000 brands. For more information, visit www.veracode.com, follow on Twitter

Our Website: http://www.veracode.com


Latest Content From Veracode

Webcast: Secure Agile & DevOps: How It Gets Done

by VeracodeMay 08, 2015

There?s no point trying to ignore the elephant in the room. Everyone knows there?s historically been friction between security professionals and development teams. This isn?t because of inherent animosity, but conflicting priorities. Development needs to ship functioning code on time and within budget. Security needs to manage risks to the organization, including risks introduced by new code. One needs to go as fast as possible; the other needs to keep from smashing through the guardrails


Whitepaper: Hacking Exposed - Web and Database Hacking

by VeracodeApr 20, 2015

Read this classic reference text to get into the cyberattacker's mind and understand the latest attack vectors and web application threats. Download this whitepaper to learn about web application vulnerabilities and hacking techniques; freely-available crawling tools; and countermeasures to protect your web application infrastructure.


Whitepaper: Why Application Security is a Business Imperative

by VeracodeApr 20, 2015

The harsh reality is that most internally developed applications are not assessed for critical security vulnerabilities such as SQL injection. IDG Research Services recently surveyed top IT and security executives at enterprises across a variety of industries in the U.S., U.K. and Germany to better understand the enterprise security landscape. This paper examines the survey results.


Webcast: The Changing Role of the Chief Information Security Officer: What Every CISO Should Know

by VeracodeMar 27, 2015

In past years, the job of the enterprise chief information security officer (CISO) was to establish and maintain a security perimeter around corporate data and a strategy for defending it. But today’s CISO is faced with a wide variety of new challenges that the security department has never seen before. While cloud computing, open source, distributed and outsourced software development, bring-your-own-device policies, and other initiatives create “shadow IT” environments that


Webcast: Building and Enforcing Mobile Application Security Policy in a BYOD World

by VeracodeMar 16, 2015

The rapid proliferation and use of personal and work-related mobile applications is one of the reasons a typical large enterprise may have up to 2000 or more unsafe applications installed in their environment. (^1) In fact, a typical user accesses an average of 24.7 mobile applications per month.,(^2) Worse yet, traditional approaches taken by security teams, such as manually testing and blacklisting or whitelisting applications, are proving inadequate to keep up with the number of applications


Whitepaper: G2000 Firm Secures Critical Financial Applications and Generates 192% ROI (Forrester)

by VeracodeMar 04, 2015

Learn how a global firm secured 400 critical applications and generated an ROI of 192% with cloud-based automation and centralization. The firm previously relied on a traditional on-premises scanning tool, but success was limited because specialized expertise was required to tune and interpret results. As a result, the firm's AppSec program only covered a small fraction of the firm's applications. This Forrester case study includes a detailed financial model showing how the firm


Whitepaper: How a Global Manufacturer Secures Its Software Supply Chain

by VeracodeMar 04, 2015

A global manufacturer found that over 90% of their vendor applications had critical OWASP Top 10 vulnerabilities. The company now leverages Veracode's automated cloud-based service to audit hundreds of third-party applications per year without requiring access to proprietary vendor source code. It also tracks vendor progress with supplier scorecards from the Veracode platform, and has modified its procurement process to contractually require suppliers to meet its security policies. The


Whitepaper: Hacking Exposed 7 - Chapter 10: Web and Database Hacking (McGraw-Hill)

by VeracodeMar 04, 2015

Read this classic reference text to get into the cyberattacker's mind and understand the latest attack vectors and web application threats. The prerequisite for dealing with cybersecurity is knowledge: download this critical chapter to learn about web application vulnerabilities and hacking techniques; freely-available crawling tools; and countermeasures to protect your web application infrastructure.


Whitepaper: The CISO's Handbook - Presenting to The Board (Forrester)

by VeracodeMar 04, 2015

This report describes strategies for articulating your risk posture and security strategy to executives so you can position yourself as a key influencer in the boardroom. Written by a CISO, it offers guidance on: answering common questions such as “How secure are we”; describing how your strategy aligns with the goals of the business; and helping the board understand complex security issues.